Wisegate released new research from its members that demonstrate how CIOs and CISOs are working to achieve the right balance between employee productivity and information security as they face growing IT consumerization trends, such as BYOD and more recently BYOx (where x = anything from the latest mobile device to personal apps, web services, cloud storage and more.)

Today BYOx has become a catch-all term that encompasses a broad spectrum of technologies and services that are not managed (or in some cases even approved) by the corporate IT organization, but are being used by the workforce to get their jobs done.

Meeting worker mobility and productivity expectations while minimizing security, privacy and regulatory risks is undoubtedly a tall order for any CISO to fill.

“As it becomes increasingly easy for departments to deploy their own web-based business application or for employees to back up corporate data to a cloud-based service without any IT department assistance, many CISOs are questioning how they can support mobile productivity demands while still adhering to corporate policies,” said a Wisegate member and CISO of a Fortune 100 company. “Like all security leaders, Wisegate CISO members are sorting through these same issues—and finding benefits from the ability confer with others—to get advice and learn from the experiences and successes of their peers.”

Through this report, Wisegate makes key member BYOx insights and experiences—that are typically shared only between members—available to the broader Information Security community. This report features the latest practitioner answers to tough questions such as:

Which devices to support - bring-your-own, company-issued, or both—and how best to manage them?

File sharing - how to protect data that is being stored outside the organization and which vendors offer file sharing solutions to help?

Custom applications - and how to control workers’ access to other applications?

“Wisegate encourages frank discussions about industry challenges and solutions including specific products and vendors,” said Sara Gates, Founder and CEO of Wisegate. “The purpose is not to promote or discourage the use of any product, but rather to share experiences of what works well and what doesn’t in a given situation. Wisegate's mission is to democratize information by putting the collection, curation and communication of technology information directly into the hands of IT practitioners.”

Spotlight

35 percent of employees would sell information on company patents, financial records and customer credit card details if the price was right. This illustrates the growing importance for organizations to deploy data loss prevention strategies.

Sun Tzu's writings have been studied throughout the ages by professional militaries and can used to not only answer the question of whether or not we are in a cyberwar, but how one can fight a cyber-battle.

Infosec consultant Paul Moore came up with a working solution to thwart a type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM.

There is still way too much apathy when it comes to data-centric security. Given the sensitive data the OPM was tasked with protecting, it should have had state-of-the-art data protection, but instead it has become the poster child for IT security neglect.